chore: simplify deployment and fix environment

Signed-off-by: Ruben Romero Montes <[email protected]>

Author: ruromero

deploy/README-docker.md

@@ -2,10 +2,11 @@
 
 This directory contains Docker Compose files for local development deployment of Trustify with its required infrastructure components.
 
+**Note**: Replace `docker-compose` with `podman-compose` if you're using Podman instead.
+
 ## Files
 
 - `docker-compose.infrastructure.yml` - Infrastructure services (Redis, PostgreSQL)
-- `docker-compose.infra-sso.yml` - Infrastructure services (Keycloak)
 - `docker-compose.application.yml` - Application service (trust-da)
 - `env.example` - Environment variables template
 
@@ -17,9 +18,6 @@ This directory contains Docker Compose files for local development deployment of
 # Start Redis, PostgreSQL, and Keycloak
 docker-compose -f docker-compose.infrastructure.yml up -d
 
-# Start Keycloak
-docker-compose -f docker-compose.infra-sso.yml up -d
-
 # Check if services are healthy
 docker-compose -f docker-compose.infrastructure.yml ps
 ```
@@ -34,7 +32,13 @@ cp env.example .env
 nano .env
 ```
 
-### 3. Start Application
+### 3. Create Network
+
+```bash
+docker network create trustify-network
+```
+
+### 4. Start Application
 
 ```bash
 # Start the trust-da application
@@ -52,7 +56,6 @@ docker-compose -f docker-compose.application.yml ps
 |---------|------|-------------|
 | Redis | 6379 | Cache and session storage |
 | PostgreSQL | 5432 | Database for Keycloak and application |
-| Keycloak | 8080 | Identity and access management |
 
 ### Application Services
 
@@ -64,15 +67,12 @@ docker-compose -f docker-compose.application.yml ps
 ## Access Points
 
 - **Application**: http://localhost:8081
-- **Keycloak Admin**: http://localhost:8080
-  - Username: `admin`
-  - Password: `admin123`
 - **PostgreSQL**: localhost:5432
   - Database: `trustify`
   - Username: `trustify`
   - Password: `trustify123`
 - **Redis**: localhost:6379
-  - Password: `trustify123`
+  - No authentication required
 
 ## Health Checks
 
@@ -82,9 +82,6 @@ All services include health checks. You can monitor them with:
 # Check infrastructure health
 docker-compose -f docker-compose.infrastructure.yml ps
 
-# Check Keycloak health
-docker-compose -f docker-compose.infra-sso.yml ps
-
 # Check application health
 docker-compose -f docker-compose.application.yml ps
 ```
@@ -95,9 +92,6 @@ docker-compose -f docker-compose.application.yml ps
 # View infrastructure logs
 docker-compose -f docker-compose.infrastructure.yml logs -f
 
-# View Keycloak logs
-docker-compose -f docker-compose.infra-sso.yml logs -f
-
 # View application logs
 docker-compose -f docker-compose.application.yml logs -f
 
@@ -110,14 +104,11 @@ docker-compose -f docker-compose.application.yml logs -f trust-da
 ```bash
 # Stop application
 docker-compose -f docker-compose.application.yml down
-# Stop Keycloak
-docker-compose -f docker-compose.infa-sso.yml down
 # Stop infrastructure
 docker-compose -f docker-compose.infrastructure.yml down
 
 # Stop everything and remove volumes
 docker-compose -f docker-compose.infrastructure.yml down -v
-docker-compose -f docker-compose.infra-sso.yml down
 docker-compose -f docker-compose.application.yml down
 ```
 
@@ -132,14 +123,22 @@ To reset all data:
 docker-compose -f docker-compose.infrastructure.yml down -v
 ```
 
+## Remove the network
+
+```bash
+docker network rm trustify-network
+```
+
 ## Environment Variables
 
 Create a `.env` file based on `env.example` to customize:
 
+- `TRUSTIFY_HOST`: Your Trustify server host
 - `TRUSTIFY_CLIENT_ID`: Your Trustify client ID
 - `TRUSTIFY_CLIENT_SECRET`: Your Trustify client secret
-- `SENTRY_DSN`: Sentry DSN for error tracking
-- `TELEMETRY_WRITE_KEY`: Telemetry write key
+- `TRUSTIFY_AUTH_SERVER_URL`: The Trustify SSO Server URL
+- `SENTRY_DSN`: Sentry DSN for error tracking (Optional)
+- `TELEMETRY_WRITE_KEY`: Telemetry write key (Optional)
 
 ## Troubleshooting
 
@@ -154,21 +153,3 @@ docker-compose -f docker-compose.application.yml logs
 docker-compose -f docker-compose.infrastructure.yml restart
 docker-compose -f docker-compose.application.yml restart
 ```
-
-### Port conflicts
-
-If you have port conflicts, modify the port mappings in the compose files:
-
-```yaml
-ports:
-  - "8082:8080"  # Change 8081 to 8082
-```
-
-### Network issues
-
-The application uses an external network. If you encounter network issues:
-
-```bash
-# Create the network manually
-docker network create trustify-network
-```

deploy/docker-compose.application.yml

@@ -1,30 +1,31 @@
-version: '3.8'
-
 services:
   trust-da:
-    image: trust-da:latest
+    image: ${TRUST_DA_IMAGE:-trust-da:latest}
     container_name: trustify-trust-da
+    env_file:
+      - .env
     ports:
-      - "8081:8080"  # Application port
-      - "9001:9000"  # Management port
+      - "8080:8080"  # Application port
+      - "9000:9000"  # Management port
     environment:
       # Monitoring
       MONITORING_ENABLED: "false"
 
       # Database
       DB_REDIS_HOST: redis
       DB_REDIS_PORT: 6379
+      DB_POSTGRES_HOST: postgres
+      DB_POSTGRES_PORT: 5432
+      DB_POSTGRES_DATABASE: trustify
+      DB_POSTGRES_USER: trustify
+      DB_POSTGRES_PASSWORD: trustify123
+      API_ONGUARD_DISABLED: true
 
       # Trustify
-      TRUSTIFY_HOST: ${TRUSTIFY_HOST:-https://rhtpa.stage.devshift.net/api/v2/}
-      TRUSTIFY_CLIENT_ID: ${TRUSTIFY_CLIENT_ID:-your-trustify-client-id}
-      TRUSTIFY_CLIENT_SECRET: ${TRUSTIFY_CLIENT_SECRET:-your-trustify-client-secret}
-      TRUSTIFY_AUTH_SERVER_URL: http://keycloak:8080
-    depends_on:
-      redis:
-        condition: service_healthy
-      keycloak:
-        condition: service_healthy
+      PROVIDER_TRUSTIFY_HOST: ${TRUSTIFY_HOST:-https://trustify.example.com/api/v2/}
+      PROVIDER_TRUSTIFY_AUTH_CLIENT_ID: ${TRUSTIFY_CLIENT_ID:-your-trustify-client-id}
+      PROVIDER_TRUSTIFY_AUTH_CLIENT_SECRET: ${TRUSTIFY_CLIENT_SECRET:-your-trustify-client-secret}
+      PROVIDER_TRUSTIFY_AUTH_SERVER_URL: ${TRUSTIFY_AUTH_SERVER_URL:-http://sso-trustify.example.com:8090}
     healthcheck:
       test: ["CMD", "curl", "-f", "http://localhost:9000/q/health/ready"]
       interval: 30s

deploy/docker-compose.infra-sso.yml

@@ -1,5 +1,3 @@
-version: '3.8'
-
 services:
   redis:
     image: redis:8-alpine
@@ -8,9 +6,6 @@ services:
       - "6379:6379"
     volumes:
       - redis_data:/data
-    environment:
-      - REDIS_PASSWORD=trustify123
-    command: redis-server --requirepass trustify123
     healthcheck:
       test: ["CMD", "redis-cli", "--raw", "incr", "ping"]
       interval: 30s
@@ -37,3 +32,8 @@ services:
 volumes:
   redis_data:
   postgres_data:
+
+networks:
+  default:
+    name: trustify-network
+    external: true

deploy/docker-compose.infrastructure.yml

@@ -2,3 +2,4 @@
 TRUSTIFY_HOST=http://trustify.example.com/api/v2/
 TRUSTIFY_CLIENT_ID=your-trustify-client-id
 TRUSTIFY_CLIENT_SECRET=your-trustify-client-secret
+TRUSTIFY_AUTH_SERVER_URL=https://sso-trustify.example.com/auth/realms/trustify